[CentOS] firefox: annoyance

Fri Sep 26 22:36:10 UTC 2014
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Fri, September 26, 2014 5:13 pm, John R Pierce wrote:
> On 9/26/2014 2:51 PM, Always Learning wrote:
>> Probably all Windoze
> linux apache web servers with the bash exploit are getting owned en
> masse today.     my (patched) internet web server has logged 100s and
> 100s of attempts like...
> - - [26/Sep/2014:00:49:29 -0700] "GET /cgi-bin/test.sh

I feel really stupid, but I have to ask. If your server wasn't patched, it
only would have owned by the above if that file exists, is executable by
apache and it indeed invokes bash (say, has #!/bin/bash or whatever bash
location is as first line), right? ;-)


Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247